<?php
/**
 * -----------------------------------------------------------------------
 * @package VirtueMart
 * @subpackage Payment
 * @Copyright (C) 2011 Mikkel Elmholdt
 *
 * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
 * VirtueMart is Free Software.
 * VirtueMart comes with absolute no warranty.
 *
 * www.virtuemart.net
 *
 * -----------------------------------------------------------------------
 *
 * This module contains the payment callback code for the Quickpay
 * Payment Gateway (www.quickpay.dk)
 *
 * -----------------------------------------------------------------------
 */

if (!defined('_VALID_MOS') && !defined('_JEXEC')) die('Direct Access to ' . basename(__FILE__) . ' is not allowed.');

function addPaymentLog($dbConn, $log, $order_id)
{
    $dbConn->query("UPDATE #__{vm}_order_payment SET order_payment_log = concat('" . $dbConn->getEscaped($log) . "<br>', order_payment_log) where order_id = '" . $dbConn->getEscaped($order_id) . "'");
}

function orderPaymentNotYetUpdated($dbConn, $order_id, $tid)
{
    $res = false;
    $dbConn->query("SELECT COUNT(*) `qty` FROM `#__{vm}_order_payment` WHERE `order_payment_number` = '" . $dbConn->getEscaped($order_id) . "' and order_payment_trans_id = '" . $dbConn->getEscaped($tid) . "'");
    
    if ($dbConn->next_record()) {
	
	if ($dbConn->f('qty') == 0) {
	    $res = true;
	}
    }
    return $res;
}

require_once (CLASSPATH . "payment/ps_quickpay.cfg.php");

$order_id = $_REQUEST["order_id"];
$order_amount = $_REQUEST["amount"];
$order_currency = $_REQUEST["currency"];
$order_amount = $_REQUEST["amount"];
$order_currency = $_REQUEST["time"];
$order_ekey = $_REQUEST["state"];
$qpstat = $_REQUEST["qpstat"];
$chstat = $_REQUEST["chstat"];
$transaction = $_REQUEST["transaction"];
$tid = $_REQUEST["transaction"];
$cardtype = $_REQUEST["cardtype"];
$cardnumber = $_REQUEST["cardnumber"];
$md5check = $_REQUEST["md5check"];
$transaction = $_REQUEST["transaction"];
$md5word = $_REQUEST["md5word"];
$ok_page = $_REQUEST["callback"];

if ($qpstat == "000") {

    // Find the corresponding order in the database
    $qv = "SELECT order_id, order_number FROM #__{vm}_orders WHERE order_id='" . $order_id . "'";
    $dbo = new ps_DB;
    $dbo->query($qv);
    
    if ($dbo->next_record()) {
	$d['order_id'] = $dbo->f("order_id");

	// Only update the order information once
	if (orderPaymentNotYetUpdated($dbo, $order_id, $transaction)) {

	    // UPDATE THE ORDER STATUS to 'VALID'
	    $d['order_status'] = QP_VERIFIED_STATUS;

	    // Setting this to "Y" = yes is required by Danish Law
	    $d['notify_customer'] = "Y";
	    $d['include_comment'] = "Y";
	    $d['order_id'] = $order_id;
	    
	    /**
	     * Notifying the customer about the transaction key and
	     * the order Status Update.
	     */
	    $d['order_comment'] = $VM_LANG->_('PHPSHOP_QP_PAYMENT_ORDER_COMMENT') . urldecode($tid) . "\n";
	    
	    require_once (CLASSPATH . 'ps_order.php');

	    $ps_order = new ps_order;
	    $ps_order->order_status_update($d);

	    // Order payment
	    $dbo->query("UPDATE #__{vm}_order_payment SET order_payment_number = '" . $dbo->getEscaped($order_id) . "', order_payment_trans_id = '" . $tid . "', order_payment_code = 0 where order_id = '" . $dbo->getEscaped($order_id) . "'");

	    // add history callback info
	    addPaymentLog($dbo, $VM_LANG->_('PHPSHOP_QP_PAYMENT_CALLBACK') , $order_id);

	    // creation information
	    addPaymentLog($dbo, $VM_LANG->_('PHPSHOP_QP_PAYMENT_LOG_TID') . $transaction, $order_id);
	}
    }
} else {
    $d['order_status'] = QP_INVALID_STATUS;

    // Setting this to "Y" = yes is required by Danish Law
    $d['notify_customer'] = "Y";
    $d['order_id'] = $order_id;
    $d['include_comment'] = "Y";
    
    /**
     * Notifying the customer about the transaction key and
     * the order Status Update.
     */
    $d['order_comment'] = $VM_LANG->_('PHPSHOP_QP_PAYMENT_DECLINE') . $fejl;
    
    require_once (CLASSPATH . 'ps_order.php');

    $ps_order = new ps_order;
    $ps_order->order_status_update($d);
}

require_once (CLASSPATH . 'ps_main.php');

$shopper_subject = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT");
$msg = "";

if ($qpstat == "000") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_APPROVED") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_APPROVED");
} elseif ($qpstat == "001") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_REJECTED") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_REJECTED");
} elseif ($qpstat == "002") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_COMMUNICATION") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_COMMUNICATION");
} elseif ($qpstat == "003") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CARD_EXPIRED") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CARD_EXPIRED");
} elseif ($qpstat == "004") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_TRANSITION") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_TRANSITION");
} elseif ($qpstat == "005") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_AUTHORIZATION") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_AUTHORIZATION");
} elseif ($qpstat == "006") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_REPORTED_BY_CLEARING") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_REPORTED_BY_CLEARING");
} elseif ($qpstat == "007") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_REPORTED_BY_QUICKPAY") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_REPORTED_BY_QUICKPAY");
} elseif ($qpstat == "008") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_IN_REQUEST") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_IN_REQUEST");
} elseif ($qpstat == "009") {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_PAYMENT_ABORTED") . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_PAYMENT_ABORTED");
} else {
    $msg = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ": " . $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_UNSPECIFIED") . $qpstat . "\n\n------------------------------------------------------------------------\n";
    $stat = $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ERROR_UNSPECIFIED") . $qpstat;
}

$dbo = new ps_DB;

addPaymentLog($dbo, $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QUICK_PAYMENT") . ":" . $stat, $order_id);

$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_ORDERNUMBER") . ' : ' . $_POST["ordernumber"] . "\n\n------------------------------------------------------------------------ \n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_MSGTYPE") . ' : ' . $_POST["msgtype"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_AMOUNT") . ' : ' . $_POST["amount"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CURRENCY") . ' : ' . $_POST["currency"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_TIME") . ' : ' . $_POST["time"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_STATE") . ' : ' . ' : ' . $_POST["state"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_QSTATE") . ' : ' . $_POST["qpstat"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CHSTAT") . ' : ' . $_POST["chstat"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CHSTATMSG") . ' : ' . $_POST["chstatmsg"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_MERCHANT") . ' : ' . $_POST["merchant"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_MERCHANTEMAIL") . ' : ' . $_POST["merchantemail"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_TRASACTION") . ' : ' . $_POST["transaction"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CARDTYPES") . ' : ' . $_POST["cardtype"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_CARDNUMBER") . ' : ' . $_POST["cardnumber"] . "\n\n------------------------------------------------------------------------\n";
$msg.= $VM_LANG->_("PHPSHOP_ADMIN_CFG_QP_MD5_KEY") . ': ' . $_POST["md5check"] . "\n\n------------------------------------------------------------------------\n";

global $mosConfig_fromname;

$ps_vendor_id = vmGet($_SESSION, 'ps_vendor_id', 1);
$qv = "SELECT order_id, user_id FROM #__{vm}_orders WHERE order_id='" . $order_id . "'";
$dbo = new ps_DB;
$dbo->query($qv);
$dbo->next_record();
$dbv = new ps_DB;
$qt = "SELECT * from #__{vm}_vendor ";

/* Need to decide on vendor_id <=> order relationship */
$qt.= "WHERE vendor_id = '" . $ps_vendor_id . "'";
$dbv->query($qt);
$dbv->next_record();
$from_email = $dbv->f("contact_email");

$dbbt = new ps_DB;
$qt = "SELECT * FROM #__{vm}_user_info WHERE user_id='" . $dbo->f("user_id") . "' AND address_type='BT'";
$dbbt->query($qt);
$dbbt->next_record();
$shopper_email = $dbbt->f("user_email");
$shopper_name = $dbbt->f("first_name") . " " . $dbbt->f("last_name");

// Mail receipt to the shopper
if (QP_EMAIL_NOTIFICATION == 1) vmMail($from_email, $mosConfig_fromname, $shopper_email, $shopper_subject, $msg, "");
?>
